Changed server for FSMO roles

Similar Messages

• Change server for ALEREMOTE user

  Hi Guys,
  I want to change the server on which the ALEREMOTE user's jobs are run. They currently run on ou CI and I want to change it the app server. How do you do that?
  Thanks
  Cyrus

  Please go through this link
  http://help.sap.com/saphelp_nw2004s/helpdata/en/c4/3a7f1f505211d189550000e829fbbd/content.htm
  thanks
  Prince Jose

• Changing server for Cisco Prime LMS 4.2 installation

  Hi,
  I am planning to install Cisco Prime LMS 4.2 with 50 device license on a temporary server. My question is:
  Can we install Cisco Prime LMS 4.2 on Server A, applied the license for 50 devices, and then several months later we uninstall LMS on Server A, reinstall it on Server B, and applied the same license for 50 users?
  Is it possible and legal to do that? I am worry if the LMS license is binding to the first server's MAC address.
  Thanks in advance.

  also :vmversion 4.1 and 5.1 both checked, hdd 256, scsi , memory 8 gig,

• New files and folders on a Linux client mounting a Windows 2012 Server for NFS share do not inherit Owner and Group when SetGID bit set

  Problem statement
  When I mount a Windows NFS service file share using UUUA and set the Owner and Group, and set the SetGID bit on the parent folder in a hierarchy. New Files and folders inside and underneath the parent folder do not inherit the Owner and Group permissions
  of the parent.
  I am given to understand from this Microsoft KnowledgeBase article (http://support.microsoft.com/kb/951716/en-gb) the problem is due to the Windows implmentation of NFS Services not supporting the Solaris SystemV or BSD grpid "Semantics"
  However the article says the same functionality can acheived by using ACE Inheritance in conjunction with changing the Registry setting for "KeepInheritance" to enable Inheritance propagation of the Permissions by the Windows NFS Services.
  1. The Precise location of the "KeepInheritance" DWORD key appears to have "moved" in  Windows Server 2012 from a Services path to a Software path, is this documented somewhere? And after enabling it, (or creating it in the previous
  location) the feature seems non-functional. Is there a method to file a Bug with Microsoft for this Feature?
  2. All of the references on demonstrating how to set an ACE to achieve the same result "currently" either lead to broken links on Microsoft technical websites, or are not explicit they are vague or circumreferential. There are no plain Examples.
  Can an Example be provided?
  3. Is UUUA compatible with the method of setting ACE to acheive this result, or must the Linux client mount be "Mapped" using an Authentication source. And could that be with the new Flat File passwd and group files in c:\windows\system32\drivers\etc
  and is there an Example available.
  Scenario:
  Windows Server 2012 Standard
  File Server (Role)
  +- Server for NFS (Role) << -- installed
  General --
  Folder path: F:\Shares\raid-6-array
  Remote path: fs4:/raid-6-array
  Protocol: NFS
  Authentication --
  No server authentication
  +- No server authentication (AUTH_SYS)
  ++- Enable unmapped user access
  +++- Allow unmapped user access by UID/GID
  Share Permissions --
  Name: linux_nfs_client.host.edu
  Permissions: Read/Write
  Root Access: Allowed
  Encoding: ANSI
  NTFS Permissions --
  Type: Allow
  Principal: BUILTIN\Administrators
  Access: Full Control
  Applies to: This folder only
  Type: Allow
  Principal: NT AUTHORITY\SYSTEM
  Access: Full Control
  Applies to: This folder only
  -- John Willis, Facebook: John-Willis, Skype: john.willis7416

  I'm making some "major" progress on this problem.
  1. Apparently the "semantics" issue to honor SGID or grpid in NFS on the server side or the client side has been debated for some time. It also existed as of 2009 between Solaris nfs server and Linux nfs clients. The Linux community defaulted to declaring
  it a "Server" side issue to avoid "Race" conditions between simultaneous access users and the local file system daemons. The client would have to "check" for the SGID and reformulate its CREATE request to specify the Secondary group it would have to "notice"
  by which time it could have changed on the server. SUN declined to fix it.. even though there were reports it did not behave the same between nfs3 vs nfs4 daemons.. which might be because nfs4 servers have local ACL or ACE entries to process.. and a new local/nfs
  "inheritance" scheme to worry about honoring.. that could place it in conflict with remote access.. and push the responsibility "outwards" to the nfs client.. introducing a race condition, necessitating "locking" semantics.
  This article covers that discovery and no resolution - http://thr3ads.net/zfs-discuss/2009/10/569334-CR6894234-improved-sgid-directory-compatibility-with-non-Solaris-NFS-clients
  2. A much Older Microsoft Knowledge Based article had explicit examples of using Windows ACEs and Inheritance to "mitigate" the issue.. basically the nfs client "cannot" update an ACE to make it "Inheritable" [-but-] a Windows side Admin or Windows User
  [-can-] update or promote an existing ACE to "Inheritable"
  Here are the pertinent statements -
  "In Windows Services for UNIX 2.3, you can use the KeepInheritance registry value to set inheritable ACEs and to make sure that these ACEs apply to newly created files and folders on NFS shares."
  "Note About the Permissions That Are Set by NFS Clients
  The KeepInheritance option only applies ACEs that have inheritance enabled. Any permissions that are set by an NFS client will
  only apply to that file or folder, so the resulting ACEs created by an NFS client will
  not have inheritance set."
  "So
  If you want a folder's permissions to be inherited to new subfolders and files, you must set its permissions from the Windows NFS server because the permissions that are set by NFS clients only apply to the folder itself."
  http://support.microsoft.com/default.aspx?scid=kb;en-us;321049
  3. I have set up a Windows 2008r2 NFS server and mounted it with a Redhat Enteprise Linux 5 release 10 x86_64 server [Oct 31, 2013] and so far this does appear to be the case.
  4. In order to mount and then switch user to a non-root user to create subdirectories and files, I had to mount the NFS share (after enabling Anonymous AUTH_SYS mapping) this is not a good thing, but it was because I have been using UUUA - Unmapped Unix
  User Access Mapping, which makes no attempt to "map" a Unix UID/GID set by the NFS client to a Windows User account.
  To verify the Inheritance of additional ACEs on new subdirectories and files created by a non-root Unix user, on the Windows NFS server I used the right click properties, security tab context menu, then Advanced to list all the ACEs and looked at the far
  Column reflecting if it applied to [This folder only, or This folder and Subdirectories, or This folder and subdirectories and files]
  5. All new Subdirectories and files createdby the non-root user had a [Non-Inheritance] ACE created for them.
  6. I turned a [Non-Inheritance] ACE into an [Inheritance] ACE by selecting it then clicking [Edit] and using the Drop down to select [This folder, subdirs and files] then I went back to the NFS client and created more subdirs and files. Then back to the
  Windows NFS server and checked the new subdirs and folders and they did Inherit the Windows NFS server ACE! - However the UID/GID of the subdirs and folders remained unchanged, they did not reflect the new "Effective" ownership or group membership.
  7. I "believe" because I was using UUUA and working "behind" the UID/GID presentation layer for the NFS client, it did not update that presentation layer. It might do that "if" I were using a Mapping mechanism and mapped UID/GID to Windows User SIDs and
  Group SIDs. Windows 2008r2 no longer has a "simple" Mapping server, it does not accept flat text files and requires a Schema extension to Active Directory just to MAP a windows account to a UID/GID.. a lot of overhead. Windows Server 2012 accepts flat text
  files like /etc/passwd and /etc/group to perform this function and is next on my list of things to see if that will update the UID/GID based on the Windows ACE entries. Since the Local ACE take precedence "over" Inherited ACEs there could be a problem. The
  Inheritance appears to be intended [only] to retain Administrative rights over user created subdirs and files by adding an additional ACE at the time of creation.
  8. I did verify from the NFS client side in Linux that "Even though" the UID/GID seem to reflect the local non-root user should not have the ability to traverse or create new files, the "phantom" NFS Server ACEs are in place and do permit the function..
  reconciling the "view" with "reality" appears problematic, unless the User Mapping will update "effective" rights and ownership in the "view"
  -- John Willis, Facebook: John-Willis, Skype: john.willis7416

• Server for NFS deletes the partially copied file after failover

  Hello, 
  I found the strange behaviour in Server for NFS in the microsoft foc cluster. 
  I have a foc cluster of two nodes(windows server 2k12r2) and server for nfs role is installed on both. now I did mount the export from the client(windows server 2k12r2) where client for nfs role is installed;
  and a large file copying from the clients local drive to the mounted export is started.
  Now during this copying operation I did switch the export to second node(moved it using the failover cluster manager wizard). and what I found is the copying interrupts with
  error message "there is problem accessing file path" and on retry the copying starts all over again, I mean if the 50% was copied previously then
  after retry it will start from 0%.
  I watched the system events on second node with the "procmon" and I found; after the disk gets attached to the second node, the delete operation is get called for this file.
  Now what I need to know is why this delete is been called and who made this called. In the stack of the delete operation I could track the nfssvr.sys but not sure what attributes of that file made it to call the
  delete. 

  Hi,
  It takes us some time to create a failover cluster for testing.
  We tried to copy a large folder which contains many files, and a large VHD file we created.
  The result is the same - it will not restart the copy after failover. Thus as you said it is not caused by design and it should be an issue on your side which causes a Delete and redo the copy.
  Is there any application or specific network settings could terminate a disconnected copy process? Currently I do not have much information about this. 
  Edit: I noticed that it is NFS share and in our test we are using SMB share. Will do the test again to see if any difference. 

• Impact of having the fsmo role holders not available for 14 hours...

  Hi everyone, we have a situation where we will lose power to the building for 14 hours and since we don't have a generator we'll be shutting down our main site. We have 15 sites, each has a dc and the hq site has two with the fsmo roles distributed between
  the two at hq. So two questions to start with:
  1. What will be the impact of having the fsmo role holding domain controllers inaccessible for a period of 14 hours?
  2. What will we be facing once we regain power and turn the hq dc's back on?
  Look forward to hearing back about this - the power outage is this weekend though!!

  Hi,
  Sorry for the delay reply.
  If your PDC Emulator fails, certain domain functions, security functions, can stop functioning. If anyone of the following is not happening then you should check if your PDC Emulator is working properly:
  •Time is not Syncing: PDC is the default source for the client computers to sync the time. If client computers are not syncing the time then you should always check the PDC.
  •User accounts are not locked out: PDC Emulator processes the account lockouts immediately for the entire domain.
  For more detail information, please refer to:
  FSMO - if server holding PDC Emulator fail on 2003 / 2008, what happen?
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/1752b861-53d7-49f5-b066-2ca6a18070e7/fsmo-if-server-holding-pdc-emulator-fail-on-2003-2008-what-happen?forum=winserverDS
  Regards.
  Vivian Wang

• Importing a pkg with rely on server storage and roles for access control

  Hi we run std 2008 r2.  I'm reading documentation on prot levels during pkg import to catalog at
  https://msdn.microsoft.com/en-us/library/ms141747(v=sql.105).aspx but unfortunately the definition of prot level "rely on server storage and roles for access control"
  isn't clear.  They used the prot level name to define it which didn't help me.
  This option looks appealing but it isn't clear why I need to enter a pswd when choosing this option.  Will my peers need to know that pswd when they export?  Will the sql agent job need to present that pswd when running?  If I just keep current
  prot level "encrypt with user" will the agent job be able to run it?  I'm sure it (agent) isn't running with my creds now.  Also, how can I tell what prot level it was deployed with last?  I rt clicked on the pkg in the catalog
  and don't see anything obvious about that.  I already understand that on export prot level is changed to encrypt with user. 
  I'm going to look at the sql agen job right now to see what creds it runs with.

  First thing to understand is that protection level is used for determining how package (dtsx) file have to be protected. Once package is deployed in server and executed from agent, the conventional way is to use method of configurations or parameters if
  2012 to get required connection etc values and execute using it. It never uses the values that were set during the design time. So it doesnt matter what protection level was so far as its based on config
  However if you're planning to export existing package to your system and do modification thats where protection level comes to play. If its set to any of ENcryptSensitive... type value then you'll to provide the value (either a passowrd or your userkey which
  it takes automatically from login info) to see the sensitive info (connection info,passwords etc) The package will still open and so far as you manually type in missing values you will be able to execute the package. If protection level is set to one of ENcrptAll
  then you will have no way to open package itself unless you provide password/ have correct userkey.
  The rely on server storage option uses sql server security context itself ie it doesnt do any encryption within package by itself but will assume values based on sqlserver security. This is used when you store package itself in SQLServer itself (MSDB)
  Please Mark This As Answer if it solved your issue
  Please Vote This As Helpful if it helps to solve your issue
  Visakh
  My Wiki User Page
  My MSDN Page
  My Personal Blog
  My Facebook Page

• How to Check How Many Times FSMO Roles was Changed?

  Thanks Gary!

  Hello guys!
  I'm in a new company and we recently had problems with Primary Domain Controller.
  I had need to seize all FSMO roles from a dead server to another.
  In the past I read a lot of articles and most of them describe that the best practice is to change de FSMO roles once in life.
  I need to know if that is true and if it is a way to know how many times FSMO was changed on a domain.
  Thanks in advance,
  Marcelo.
  This topic first appeared in the Spiceworks Community

• I am using a work laptop and have the same problem. When I try to change the "configure proxy", they only available option is "use this proxy server for all protocols". Could it be that my system administrator blocked me from changing it since they don'

  I am using a work laptop and have the same problem. When I try to change the "configure proxy", they only available option is "use this proxy server for all protocols". Could it be that my system administrator blocked me from changing it since they don't want us to use Firefox.
  == User Agent ==
  Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.4; FNGP_SYS)

  Start Firefox in [[Safe Mode]] to check if one of your add-ons is causing your problem (switch to the DEFAULT theme: Tools > Add-ons > Themes).
  See [[Troubleshooting extensions and themes]] and [[Troubleshooting plugins]]
  If it does work in Safe-mode then disable all your extensions and then try to find which is causing it by enabling one at a time until the problem reappears.
  You can use "Disable all add-ons" on the ''Safe mode'' start window.
  You have to close and restart Firefox after each change via "File > Exit" (on Mac: "Firefox > Quit")

• Photoshop Elements 5.0 PC.  Moved.  How do I change outgoing mail server? Photoshop trying to connect to old server for emailing pictures.  Thanks

  Photoshop Elements 5.0 PC.  Moved.  How do I change outgoing mail server? Photoshop trying to connect to old server for emailing pictures.  Thanks

  You say you have the pse 5 disk?
  I guess you do't have a dvd drive on your new windows 8 computer?
  Do you have access to another computer with a dvd drive?
  Anyway if you can find another computer with a dvd drive you could copy the pse 5 install disc to removable device like a camera card or flash drive.
  You can also buy cheap usb dvd drives.

• Can't change password for SMTP outgoing server.

  I changed my password on the server via a different method, now I need to change the password Thunderbird uses to send messages to that new password. No matter what I do, I can't seem to get Thunderbird to ask for the password again, it just keeps using the old saved password. How do I get Thunderbird to prompt me for the new password?
  Oh, and this is Thunderbird 24.6.0, on Windows 7.

  I have just spent several hours wrestling with the same problem.
  Why the Thunderbird path ''Tools>Options>Security>Passwords>Saved Passwords'' does not casually mention that to change server provider passwords,''' simply''':
  ''''Remove ALL the saved password for that account. They might be there more than once. Once for inbound and another for outbound. Remove them both. Close and restart Thunderbird. It should ask you for a password the next time one is required.' '''
  confounds Mozilla's usually excellent signposting, IMHO
  Thanks for the inspiration, Airmail

• How to change and save a new file in Edge web Lumira server for Team ?

  Hi Lumira folks,
  I've installed SAP Lumira 1.0, Edge edition and View a sample 'Dairy Wholesaler-Sample"
  I'd like to change it and save as new file, but "Save" button is disabled and when I put my mouse over the button,
  it says "Save Option is disabled in this version".
  Is there any idae how to change and save as a new file in Lumira Edge ?
  Many Thanks.
  JH

  I've just found the reason as below.
  http://scn.sap.com/community/lumira/blog/2015/03/20/lumira-server-for-teams-edge-edition-version-compatibility
  The current version of Lumira
  server for teams is 1.0. This version uses Lumira 1.22 as its 'engine' as this
  was the version of Lumira Desktop that was shipped at the same time.
  Hence with the current Lumira
  version compatibility; namely that a newer version of the product can open an
  older document, but an older version cannot open a newer document, care must be
  taken when deploying Lumira server for teams.
  Lumira server for teams is only
  compatible with Lumira desktop 1.22. If you intend to deploy Lumira server for
  teams, ensure your desktop users do not move to a later version of the desktop.
  Content created in a later version of Lumira desktop can be uploaded and shared
  via Lumira server for teams, but it cannot be viewed or edited online in the
  browser.
  Ensure desktop users disable the
  auto update capabilities in the desktop preferences, and set the update to
  none.

• Change server IP for SCOM 2012

  Hi all,
  Is there any set procedure on how we can change the IP address of SCOM server without affecting the services. We have only single server for SQL and SCOM installation.
  Thanks and Regards, Prashant Bande.

  Hi,
  Normally it should not be a problem changing the IP-adres of the SCOM server when everything is installed on a single box. 
  But give it some time because the DNS Name Resolution should flow to all off your agents. On your critical servers I should flush the DNS.
  Hope this helps 
  Roel Knippen
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• What is the impact on an Exchange server when moving FSMO role and schema master into another DC?

  What is the impact on an Exchange server when moving FSMO role and schema master into another DC? What do we have to do on exchange after performing a such task?
  I had 1 DC (Windows server 2008 R2), 1 Exchange 2010 SP3. I install a new DC (Windows server 2008 R2). I then move all the FSMO role including the schema master role into the NEW DC. I check to be sure that the new DC is a GC as well.
  I shutdown the old DC and my Exchange server was not working properly and specially Exchange Management Shell. It start working again after I turn up the older DC.
  I am wondering why Exchange did not recognize the new DC, even after moving all the roles on it.
  I am looking to hearing from you guys.
  Thanks a lot

  if you only have 1 DC, you might need to cycle the AD Topology service after shutting the one down.
  Also, take a look in the windows logs, there should be an event where Exchange goes to discover Domain Controllers, make sure both are listed there.  You can probably force that by cycling AD topology (this will take all services down so be careful
  when you do it)
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread

• Changing RDBMS Server for Hyperion Essbase

  Hello All,
  We have installed and configured 11.1.2.2.100(Essbase, EIS, Studio, Shared Services) on Windows 2008 32-bit Server successfully.
  Everything went fine and all products are working.
  Now we changed the RDBMS Server for Hyperion Essbase and ran the configuration once again with new RDBMS server with "Reuse existing tables" option.
  H1
  | First    Current
  DB1  ->  DB2
  From that time we are unable to access the essbase server.
  We were able to see the users in Shared Services. All users able to login to Shared Services, EAS but problem with Essbase.
  In HSS_Component table found old server name in two places, we have updated the old DB server name to Current DB server name.
  When we try accessing essbase we are getting the below error(tried with hostname, ip address, EssbaseCluster1 as Essbase server)
  Network error [10061]: Failed to connect to [Server Name:1423]
  Error: 103: Unexpected Essbase error 1030818
  Error: 1042006: Network error [10061]: Failed to connect to [[ServerName]:1423]
  Error: 1030818: Login failed. Please check if server and port are correct. If you received timeout or handshake failure,
  please check if you tried to connect to secure port without secure keyword or clear port with secure keyword.
  Please help me to resolve this issue.
  Thanks,
  Prathap

  It is extremely important that you know what you are doing before touching the shared services registry and the correct way is not to update tables, it is to use the epmsys_registry utility.
  To be honest you may have screwed up the registry and that is something I am not going to get involved in, try discussing with Oracle what you have just done.
  If it is only the rdbms servername changing (not the essbase server) then you should follow the instructions in the documentation - Changing the Shared Services and Registry Database Connection Information and Password
  Cheers
  John
  http://john-goodwin.blogspot.com/